mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 07:54:17 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

test(packer): add image for opensuse & some cleanup.

Browse Source
This commit is contained in:
Alexandre Pujol 2023-04-30 16:26:16 +01:00
parent 46165fe58f
commit 9731a09588
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
5 changed files with 112 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
tests/packer/init/init.sh
View File

@ -5,8 +5,11 @@
set -eu set -eu
_lsb_release() {
# shellcheck source=/dev/null # shellcheck source=/dev/null
_lsb_release() { . /etc/os-release; echo "$ID"; } . /etc/os-release
echo "$ID"
}
DISTRIBUTION="$(_lsb_release)" DISTRIBUTION="$(_lsb_release)"
readonly SRC=/tmp/src readonly SRC=/tmp/src
readonly DISTRIBUTION readonly DISTRIBUTION
@ -16,13 +19,23 @@ main() {
install -Dm0644 -o "$SUDO_USER" -g "$SUDO_USER" $SRC/.bash_aliases "/home/$SUDO_USER/.bash_aliases" install -Dm0644 -o "$SUDO_USER" -g "$SUDO_USER" $SRC/.bash_aliases "/home/$SUDO_USER/.bash_aliases"
install -Dm0644 -o "$SUDO_USER" -g "$SUDO_USER" $SRC/htoprc "/home/$SUDO_USER/.config/htop/htoprc" install -Dm0644 -o "$SUDO_USER" -g "$SUDO_USER" $SRC/htoprc "/home/$SUDO_USER/.config/htop/htoprc"
install -Dm0644 $SRC/parser.conf /etc/apparmor/parser.conf install -Dm0644 $SRC/parser.conf /etc/apparmor/parser.conf
install -Dm0644 $SRC/site.local /etc/apparmor.d/tunables/etc.d/site.local install -Dm0644 $SRC/site.local /etc/apparmor.d/tunables/multiarch.d/site.local
install -Dm0755 $SRC/aa-update /usr/bin/aa-update install -Dm0755 $SRC/aa-update /usr/bin/aa-update
chown -R "$SUDO_USER:$SUDO_USER" "/home/$SUDO_USER/.config/" chown -R "$SUDO_USER:$SUDO_USER" "/home/$SUDO_USER/.config/"
case "$DISTRIBUTION" in case "$DISTRIBUTION" in
debian | ubuntu) dpkg -i $SRC/apparmor.d_*_all.deb ;;
opensuse*) zypper install -y bash-completion git go htop make rsync vim ;;
arch) pacman --noconfirm -U $SRC/apparmor.d-*-x86_64.pkg.tar.zst ;; arch) pacman --noconfirm -U $SRC/apparmor.d-*-x86_64.pkg.tar.zst ;;
debian | ubuntu)
apt-get update -y
apt-get install -y apparmor-profiles build-essential config-package-dev \
debhelper devscripts htop qemu-guest-agent rsync vim
dpkg -i $SRC/apparmor.d_*_all.deb
;;
opensuse*)
zypper install -y bash-completion git go htop make rsync vim
sed -i -e '/cache-loc/d' /etc/apparmor/parser.conf
;;
esac esac
} }

33
tests/packer/init/opensuse-kde.user-data.yml Normal file
View File

@ -0,0 +1,33 @@
#cloud-config
hostname: ${hostname}
locale: en_IE
keyboard:
layout: ie
ssh_pwauth: true
users:
- name: ${username}
plain_text_passwd: ${password}
shell: /bin/bash
ssh_authorized_keys:
- ${ssh_key}
lock_passwd: false
sudo: ALL=(ALL) NOPASSWD:ALL
package_update: true
package_upgrade: true
package_reboot_if_required: false
packages:
- bash-completion
- git
- go
- htop
- make
- rsync
- vim
runcmd:
# Set some bash aliases
- echo '[[ -f ~/.bash_aliases ]] && source ~/.bash_aliases' >> /home/${username}/.bashrc

4
tests/packer/main.pkr.hcl
View File

@ -7,6 +7,8 @@ build {
sources = [ sources = [
"source.qemu.archlinux-gnome", "source.qemu.archlinux-gnome",
"source.qemu.archlinux-kde", "source.qemu.archlinux-kde",
"source.qemu.debian-server",
"source.qemu.opensuse-kde",
"source.qemu.ubuntu-server", "source.qemu.ubuntu-server",
] ]
@ -22,7 +24,7 @@ build {
} }
provisioner "file" { provisioner "file" {
only = ["qemu.ubuntu-server", "qemu.ubuntu-desktop"] only = ["qemu.debian-server", "qemu.ubuntu-server", "qemu.ubuntu-desktop"]
destination = "/tmp/src/" destination = "/tmp/src/"
sources = ["${path.cwd}/../apparmor.d_${var.version}_all.deb"] sources = ["${path.cwd}/../apparmor.d_${var.version}_all.deb"]
} }

45
tests/packer/opensuse.pkr.hcl Normal file
View File

@ -0,0 +1,45 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
# TODO: Fully automate the creation of the base image
# To save some dev time, 'base_opensuse_kde' is manually created from the opensuse iso with:
# - KDE
# - username/password defined in the variables
# - cloud-init installed and enabled
source "qemu" "opensuse-kde" {
disk_image = true
iso_url = "${var.iso_dir}/base_opensuse_kde.qcow2"
iso_checksum = "sha256:62a174725bdf26981d15969e53461b89359f7763450cbfd3e258d4035731279b"
iso_target_path = "${var.iso_dir}/base_opensuse_kde.qcow2"
cpus = 6
memory = 4096
disk_size = "${var.disk_size}"
accelerator = "kvm"
headless = false
ssh_username = "${var.username}"
ssh_password = "${var.password}"
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = "${var.iso_dir}/packer/"
vm_name = "${var.prefix}${source.name}.qcow2"
boot_wait = "10s"
firmware = "/usr/share/edk2-ovmf/x64/OVMF_CODE.fd"
shutdown_command = "echo ${var.password} | sudo shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/packer/init/${source.name}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}"
}
)
}
}

8
tests/packer/src/aa-update
View File

@ -1,9 +1,15 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -eu set -eu
export BUILDDIR=/tmp/build/ PKGDEST=/tmp/pkg export BUILDDIR=/tmp/build/ PKGDEST=/tmp/pkg
# shellcheck source=/dev/null # shellcheck source=/dev/null
_lsb_release() { . /etc/os-release || exit 1; echo "$ID"; } _lsb_release() {
. /etc/os-release || exit 1
echo "$ID"
}
DISTRIBUTION="$(_lsb_release)" DISTRIBUTION="$(_lsb_release)"
cd "$HOME/Projects/apparmor.d" cd "$HOME/Projects/apparmor.d"
case "$DISTRIBUTION" in case "$DISTRIBUTION" in
arch) make pkg ;; arch) make pkg ;;